checkov icon indicating copy to clipboard operation
checkov copied to clipboard
verified publisher icon bridgecrewio

feat(arm): PubsubSpecifyIdentity

Open shoshiGit opened this issue 1 year ago • 0 comments

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

We converted the check 'PubsubSpecifyIdentity' from TERRAFORM language to the ARM language so that it also works on resources that are defined in the ARM language.

Fixes # (issue)

Description

Ensure Web PubSub uses managed identities to access Azure resources.

Fix

*Converted the check implementation to inspect ARM template resources for Microsoft.SignalRService/webPubSub. Adjusted the check logic to validate the identity/type property against ANY_VALUE, ensuring compliance with managed identity usage. *

Checklist:

  • [x] My code follows the style guidelines of this project
  • [x] I have performed a self-review of my own code
  • [ ] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [x] I have added tests that prove my feature, policy, or fix is effective and works
  • [x] New and existing tests pass locally with my changes
  • [ ] Any dependent changes have been merged and published in downstream modules

shoshiGit avatar Jun 23 '24 12:06 shoshiGit